Mandriva Linux Security Advisory : rootcerts (MDVSA-2010:029)
High Nessus Plugin ID 44334
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionThe rootcerts package was added in Mandriva in 2005 and was meant to be updated when nessesary. The provided rootcerts packages has been upgraded using the latest certdata.txt file from the mozilla cvs repository, as of 2009/12/03.
In Mandriva a number of additional CA root certificates has been added such as ICP-Brasil (Brazil government CA), cacert.org, IGC/A CA (French government CA). The IGC/A CA one was recently added upstream in the mozilla certdata.txt file.
The rootcerts package provides the /etc/pki/tls/certs/ca-bundle.crt file which most sofwares in Mandriva, and where appliable is sharing such as KDE, curl, pidgin, neon, and more.
The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided.
SolutionUpdate the affected packages.